package com.atguigu.cloud.config.securityConfig.WebSecurityConfig;/**
 * @Auter 李孝在
 * @Date 2024/11/21
 */

import com.atguigu.cloud.config.Filter.RequestFilterAboutToken;
import com.atguigu.cloud.config.securityConfig.Request.BaseAuthenticationEntryPoint;
import com.atguigu.cloud.config.securityConfig.Request.BaseAuthenticationFailureHandler;
import com.atguigu.cloud.config.securityConfig.Request.BaseAuthenticationSuccessHandler;
import com.atguigu.cloud.config.securityConfig.Request.BaseLogoutSuccessHandler;
import com.atguigu.cloud.config.securityConfig.UserDetailsManager.DBAdminDetailsManager;
import jakarta.annotation.Resource;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.annotation.Order;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;

/**
 * @projectName: class-schedule-for-junior-year
 * @package: com.atguigu.cloud.config.securityConfig.WebSecurityConfig
 * @className: WebSecurityConfigByAdmin
 * @author: Eric
 * @description: TODO
 * @date: 2024/11/21 02:04
 * @version: 1.0
 */
@Configuration
@EnableWebSecurity
@Order(2)
public class WebSecurityConfigByAdmin {

    @Bean
    public UserDetailsService dbAdminDetailsManager() {
        return new DBAdminDetailsManager();
    }

    @Resource
    private RequestFilterAboutToken requestFilterAboutToken;

    @Bean
    public SecurityFilterChain filterChainAdmin(HttpSecurity http) throws Exception {
        http
                .addFilterBefore(requestFilterAboutToken, UsernamePasswordAuthenticationFilter.class)
                .authorizeHttpRequests(a->
                        a
                                .requestMatchers(
                                        "/register/**",
                                        "/login/**",
                                        "/swagger-ui/**", "/v3/api-docs/**", "/webjars/**"


                                ).permitAll()
                                .anyRequest().authenticated()
                )
                .csrf(AbstractHttpConfigurer::disable)
                .formLogin(form -> form
                        .loginPage("/login/WebAdmin").permitAll()//管理员的登录路径
                        .successHandler(new BaseAuthenticationSuccessHandler())//认证成功时执行方法
                        .failureHandler(new BaseAuthenticationFailureHandler())
                        .usernameParameter("username")
                        .passwordParameter("password")
                        .failureUrl("/login/WebAdmin?error")
                )
                .logout(logout -> {
                    logout.logoutSuccessHandler(new BaseLogoutSuccessHandler()); //注销成功时的处理
                })
                .exceptionHandling(exception -> {
                    exception.authenticationEntryPoint(new BaseAuthenticationEntryPoint());//请求未认证的接口
                });


        return http.build();
    }


}
